svētdiena, 2011. gada 30. janvāris

Customize xterm

Create or edit ~/.Xdefaults

XTerm*background: black
XTerm*foreground: #CCCCCC
XTerm*highlightColor: red
XTerm*font: *-fixed-medium-r-*-14-*
XTerm*boldFont: *-fixed-medium-r-*-14-*
XTerm*geometry: 110x34+200+200

add to ~/.bashrc:
alias ls="ls --color=auto"
PS1='\u@\H:\w\$ '

ceturtdiena, 2011. gada 27. janvāris

Creating image with dd

*This does not work on the fly, so you need to boot from CD. 

Quick way with non-compressed image.

Create image from hda and save it on remote server:
# dd if=/dev/sda | ssh username@backupserver "dd of=/directory_of_backups_on_ssh_server/backupfile.iso"

Extract image to disk: 
# ssh user@hostname dd if=backupfile.iso | dd of=/dev/sda


Way with compressed image.

Create compressed image from sda on remote server:
# dd if=/dev/sda | gzip | ssh username@backupserver dd of=/directory_of_backups_on_ssh_server/backupfile.img.gz

Restore:
# ssh user@hostname dd if=backupfile.iso | gzip -d | dd of=/dev/sda


Clearing MBR with dd:
# dd if=/dev/zero of=/dev/hda bs=512 count=1 

otrdiena, 2011. gada 25. janvāris

System backup on-the-fly

Create:

# tar cvpzf backup.tgz --exclude=/proc --exclude=/lost+found --exclude=/backup.tgz --exclude=/mnt --exclude=/sys /

For better compression, but it takes longer time:
# tar cvpjf backup.tar.bz2 --exclude=/proc --exclude=/lost+found --exclude=/backup.tar.bz2 --exclude=/mnt --exclude=/sys /

*At the end of the process you might get a message along the lines of 'tar: Error exit delayed from previous errors' or something, but in most cases you can just ignore that.

Restore:

# tar xvpfz backup.tgz -C /
# tar xvpfj backup.tar.bz2 -C /

Just make sure that, before you do anything else, you re-create the directories you excluded:
# mkdir proc
# mkdir lost+found
# mkdir mnt
# mkdir sys

etc...

pirmdiena, 2011. gada 17. janvāris

htdir backup script.sh

#!/bin/sh
# set chmod 700 to /backup for security reasons
cd /backup
FILENAME=`date +%d%b%Y`-htdir.tar.gz.sec

tar -cvf - /var/www/htdocs/ | gzip -c > htdir.tar.gz
openssl des -in htdir.tar.gz -out $FILENAME -pass pass:secpasswd
scp $FILENAME backup@backupsrv:/backup/srv1/htdir
echo `md5sum $FILENAME` >> md5sum.log
rm htdir.tar.gz $FILENAME

DB backup script.sh

#!/bin/bash
# set chmod 700 to /backup for security reasons 
cd /backup
FILENAME=`date +%d%b%Y`-mysql_alldb.tar.gz.sec
mysqldump --single-transaction -u backup -pmysqlpasswd --all-databases > backup.sql
tar -cf - backup.sql | gzip -c > backup.tar.gz
openssl des -in backup.tar.gz -out $FILENAME -pass pass:cryptpasswd
scp $FILENAME backup@backupsvr:/backup/srv1/db
echo `md5sum $FILENAME` >> md5sum.log
rm backup.sql backup.tar.gz $FILENAME

MYSQL on Slackware

# cp /etc/my-medium.cnf /etc/my.cnf
# chown -R mysql.mysql /var/lib/mysql
# /usr/bin/mysql_install_db
# cd /var/lib
# chown -R mysql:mysql mysql
# /usr/bin/mysqladmin -u root password 'new-passwd'


# chmod +x /etc/rc.d/rc.mysqld
#/etc/rc.d/rc.mysqld start


Slackware vsftpd FTP with local users

Edit /etc/inetd.conf, uncomment:
# ftp stream tcp nowait root /usr/sbin/tcpd vsftpd

Edit /etc/vsftpd.conf:
local_enable=YES
write_enable=YES



Chroot users in specific directory

Enable or add these lines in /etc/vsftpd.conf:
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
chroot_local_user=YES


Create /etc/vsftpd.chroot_list, add line:
username /path/to/chrooted/dir/

Change home directory to same as chroot:
> usermod -d /path/to/chrooted/dir/ username



Limit user access to FTP only
In /etc/passwd change user shell to /bin/false
add /bin/false to /etc/shells

Pass on passwords with scp

$ ssh-keygen -t rsa

Generating public/private rsa key pair
Enter file in which to save the key ... (Enter)

Enter passphrase (empty for no passphrase): (Enter twice)

Copy key to remote box & login there:
$ scp id_rsa.pub user@remote:/home/user
$ ssh user@remote


$ cat id_rsa.key >> /home/user/authorized_keys

Remove pass phrase dialog on an apache ssl certificate

# openssl rsa -in server.key -out server.key.nopass

And of course edit this:
ubuntu:
$ sudo vim /etc/apache2/sites-available/default-ssl

slackware:
 # vim /etc/httpd/extra/httpd-ssl.conf